Staff Engineer (Platform IAM & Administration)

Work set-up: Full Remote
Experience: Senior (5-10 years)

Offer summary

Qualifications:

  • 8-10+ years of experience in building large-scale SaaS platforms with a focus on IAM and security.
  • Proficiency in Java, Spring Boot, and designing stateless backend services.
  • Experience with authentication protocols like OAuth 2.0, OIDC, SAML, and systems supporting SSO and MFA.
  • Strong understanding of cloud platforms (AWS/GCP) and data privacy standards.

Key responsibilities:

  • Lead the design and development of secure IAM and access control systems.
  • Improve and maintain centralized authentication and authorization services.
  • Ensure secure-by-design principles are integrated across platform services and APIs.
  • Provide technical leadership and mentorship to engineering teams.

Nextiva Large https://www.nextiva.com
1001 - 5000 Employees

Job description

Redefine the future of customer experiences. One conversation at a time.

We’re changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans.

Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service®, our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication.

If you’re ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you’re in the right place.

Build Amazing. Deliver Amazing. Live Amazing. Be Amazing.

As a Staff Engineer within the Nextiva Platform organization, focusing on Identity and Access Management (IAM) and platform data access, you will lead initiatives that ensure secure, compliant, and seamless access to critical systems and data across our SaaS offerings. You will design and evolve scalable IAM solutions and enforce data governance best practices that are integral to customer trust, platform integrity, and internal operations.

The ideal candidate will be a technical leader with strong experience in IAM systems, authentication/authorization patterns, data access governance, and distributed platform architecture. Your role will include shaping the strategy and implementation of robust user access models, service identity, permissioning infrastructure, and compliance-driven controls at scale.

Responsibilities:

  • Lead the design and development of secure, scalable IAM and access control mechanisms, including role-based access control (RBAC), attribute-based access control (ABAC), and fine-grained permissions systems
  • Improve and maintain centralized authentication and authorization services (e.g., OAuth2, OIDC, SAML, SCIM integrations)
  • Ensure secure-by-design principles are embedded across platform services and APIs with a focus on access patterns, identity federation, token lifecycle management, and user provisioning
  • Drive architecture and code-level decisions to mitigate identity risks, reduce complexity, and improve the developer experience around secure access patterns
  • Contribute to operational systems that support auditing, anomaly detection, access reviews, and governance reporting
  • Be involved in every stage of the project from ideation and system design to delivering products and features in a timely manner
  • Build robust, scalable, and maintainable software
  • Improve code quality through writing unit tests, automation, and code reviews
  • Apply and advocate for team coding, documenting and testing standards
  • Lead code reviews and communicate application changes
  • Provide technical leadership, mentorship and guidance to engineers on the team
  • Collaborate closely with internal teams as well as stakeholders
  • Implement and influence business and operational systems that support billing and usage monitoring needs

Basic Qualifications:

  • 8-10+ years of experience building large-scale, secure SaaS platforms, with a strong focus on IAM, access management, and distributed systems.
  • Deep proficiency in Java, Spring Boot, and designing stateless backend services that integrate with identity providers (IdPs) and security frameworks
  • Experience implementing authentication protocols (OAuth 2.0, OIDC, SAML), and designing systems that support single sign-on (SSO), multi-factor authentication (MFA), and Just-In-Time (JIT) provisioning
  • Familiarity with access governance tools, secrets management, and key management systems
  • Hands-on experience with Kafka for distributed messaging and event-driven pipelines (e.g., audit logs, user session lifecycle, policy updates)
  • Expertise with cloud infrastructure platforms (AWS/GCP) and IAM-related services such as IAM roles/policies, STS tokens, and cross-account identity
  • Solid understanding of data privacy and regulatory compliance standards (e.g., SOC 2, GDPR, HIPAA) as they relate to access and identity

Preferred Skills:

  • Experience building or integrating with IAM platforms (e.g., Okta, Auth0, ForgeRock, Keycloak)
  • Knowledge of fine-grained data access control, masking policies, and dynamic authorization patterns at the data layer
  • Experience developing or integrating policy-as-code solutions (e.g., OPA, Cedar, Rego)
  • Familiarity with frontend identity contexts and modern frameworks like React and TypeScript for secure session and role propagation
  • Deep understanding of zero trust architecture principles and secure service-to-service authentication

Additional Qualities to Have:

  • Demonstrated ownership of complex, cross-functional IAM and security initiatives.
  • Ability to abstract technical complexity into platform capabilities for use by product teams.
  • Strategic mindset with the ability to anticipate and assess risks before they emerge.
  • Effective communicator, mentor, and partner to engineers and stakeholders across security, compliance, and product.
  • Passion for driving a culture of security and least-privilege access within a high-scale engineering organization
  • Self-motivation, dedication, and a commitment to meeting deadlines
  • Willingness to contribute as both a team player and an individual contributor
  • Eagerness to drive new projects, troubleshoot issues, and contribute to continuous improvement

Nextiva DNA (Core Competencies)

Nextiva’s most successful team members share common traits and behaviors:

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s): English

Other Skills

  • Mentorship
  • Teamwork
  • Communication
  • Problem Solving
